1 /*
2  * Copyright (C) 2021 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 package com.android.internal.net.ipsec.ike;
17 
18 import android.content.Context;
19 import android.content.pm.PackageManager;
20 import android.net.ipsec.ike.IkeSession;
21 import android.os.Looper;
22 
23 import com.android.internal.net.eap.EapAuthenticator;
24 import com.android.internal.net.ipsec.ike.utils.IkeMetrics;
25 import com.android.internal.net.ipsec.ike.utils.RandomnessFactory;
26 import com.android.internal.net.utils.IkeDeviceConfigUtils;
27 
28 /** IkeContext contains all context information of an IKE Session */
29 public class IkeContext implements EapAuthenticator.EapContext {
30     private static final String NAMESPACE_IPSEC = "ipsec";
31 
32     public static final String CONFIG_AUTO_ADDRESS_FAMILY_SELECTION_CELLULAR_PREFER_IPV4 =
33             "config_auto_address_family_selection_cellular_prefer_ipv4";
34     public static final String CONFIG_AUTO_NATT_KEEPALIVES_CELLULAR_TIMEOUT_OVERRIDE_SECONDS =
35             "config_auto_natt_keepalives_cellular_timeout_override_seconds";
36     public static final String CONFIG_USE_CACHED_ADDRS = "config_use_cached_addrs";
37 
38     private final @IkeMetrics.IkeCaller int mIkeCaller;
39     private final Looper mLooper;
40     private final Context mContext;
41     private final RandomnessFactory mRandomFactory;
42 
43     /** Constructor for IkeContext */
IkeContext(Looper looper, Context context, RandomnessFactory randomFactory)44     public IkeContext(Looper looper, Context context, RandomnessFactory randomFactory) {
45         mLooper = looper;
46         mContext = context;
47         mRandomFactory = randomFactory;
48 
49         mIkeCaller = getIkeCaller(mContext);
50     }
51 
getIkeCaller(Context context)52     private static @IkeMetrics.IkeCaller int getIkeCaller(Context context) {
53         if (PackageManager.PERMISSION_GRANTED
54                 != context.checkSelfPermission(android.Manifest.permission.NETWORK_FACTORY)) {
55             // Only track metrics from system callers for now
56             return IkeMetrics.IKE_CALLER_UNKNOWN;
57         }
58 
59         final String attributionTag = context.getAttributionTag();
60         if (IkeSession.CONTEXT_ATTRIBUTION_TAG_IWLAN.equals(attributionTag)) {
61             return IkeMetrics.IKE_CALLER_IWLAN;
62         } else if (IkeSession.CONTEXT_ATTRIBUTION_TAG_VCN.equals(attributionTag)) {
63             return IkeMetrics.IKE_CALLER_VCN;
64         } else if (IkeSession.CONTEXT_ATTRIBUTION_TAG_VPN.equals(attributionTag)) {
65             return IkeMetrics.IKE_CALLER_VPN;
66         } else {
67             return IkeMetrics.IKE_CALLER_UNKNOWN;
68         }
69     }
70 
getIkeCaller()71     public @IkeMetrics.IkeCaller int getIkeCaller() {
72         return mIkeCaller;
73     }
74 
75     /** Gets the Looper */
76     @Override
getLooper()77     public Looper getLooper() {
78         return mLooper;
79     }
80 
81     /** Gets the Context */
82     @Override
getContext()83     public Context getContext() {
84         return mContext;
85     }
86 
87     /** Gets the RandomnessFactory which will control if the IKE Session is in test mode */
88     @Override
getRandomnessFactory()89     public RandomnessFactory getRandomnessFactory() {
90         return mRandomFactory;
91     }
92 
93     /** Looks up the value of an integer property for IPsec module from DeviceConfig */
getDeviceConfigPropertyInt( String name, int minimumValue, int maximumValue, int defaultValue)94     public int getDeviceConfigPropertyInt(
95             String name, int minimumValue, int maximumValue, int defaultValue) {
96         if (!hasReadDeviceConfigPermission()) {
97             return defaultValue;
98         }
99 
100         return IkeDeviceConfigUtils.getDeviceConfigPropertyInt(
101                 NAMESPACE_IPSEC, name, minimumValue, maximumValue, defaultValue);
102     }
103 
104     /** Looks up the value of a boolean property for IPsec module from DeviceConfig */
getDeviceConfigPropertyBoolean(String name, boolean defaultValue)105     public boolean getDeviceConfigPropertyBoolean(String name, boolean defaultValue) {
106         if (!hasReadDeviceConfigPermission()) {
107             return defaultValue;
108         }
109         return IkeDeviceConfigUtils.getDeviceConfigPropertyBoolean(
110                 NAMESPACE_IPSEC, name, defaultValue);
111     }
112 
hasReadDeviceConfigPermission()113     private boolean hasReadDeviceConfigPermission() {
114         return mContext.checkSelfPermission(android.Manifest.permission.READ_DEVICE_CONFIG)
115                 == PackageManager.PERMISSION_GRANTED;
116     }
117 }
118